Does anybody provide functionality on their site by which a customer can log in, reserve a ticket, and see a list of previous credit cards used for previous transactions (just last 4 digits of course), select a particular card and proceed with the order without re-entering the full cc number (like Amazon's process)?
(this functionality already exists within the Tessitura client)The only way I can think to do with this with the API is to create a custom procedure that would return the full card number back to the client since all of the checkout methods require the full credit card number. Doing this would raise all kinds of PCI flags that I am not convinced could be resolved so my gut tells me that until there is API functionality to use a customer's payment account ID in the checkout process instead of a full credit card number I won't be able to do this.
of course I could just be ignorant of some already existing methods to do this.
Thanks!
Depending on how deeply you want to dig and test, you may be able to also build a custom procedure that effectively extends the one used by the checkout API call to get the CC info from the payment account all at the database level (in addition to one to return the last 4 digits to the web). That way, the public facing website is never seeing the full credit card number.
You'd probably have to write some custom code as well to save the payment info for a checkout where the user is not using a saved card as well.
Chris
We have this functionality on our site. It was implemented by creating a bridge service and a simple custom stored procedure. Therefore, the full credit card number stays within the API server.
Jackie Guy
Chicago Symphony Orchestra